diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2021-10-06 14:01:25 +0200 |
---|---|---|
committer | Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> | 2021-10-06 19:47:40 +0000 |
commit | d7bb104e5520d4b3c02eb26789b804502c567a78 (patch) | |
tree | a1cde2588290ca4fcc3de32bfd672059415956eb /src | |
parent | 4b0605e94042c4cce1b50bdbf7cf4773727db7b7 (diff) |
QTlsBackend (OpenSSL) : detect incompatible versions
OpenSSL v3 among other nice things brought some nasty crashes
(essentially, finally breaking what was already not so nice
in 1.x: see, e.g. ASN1_ITEM_free and ASN1_ITEM_ptr that we
have to use to free resources allocated by openssl). Let's,
at least, not use v3 from Qt built with 1.1.1 and vice
versa.
Change-Id: If14a2a0ce2189a1b7967b7ab7248d11d0f2fc423
Reviewed-by: MÃ¥rten Nordheim <marten.nordheim@qt.io>
(cherry picked from commit 3abcff49eb962cb087498626d77929a870c82929)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp b/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp index a30348b20e..037ab92f62 100644 --- a/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp +++ b/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp @@ -930,13 +930,25 @@ bool q_resolveOpenSslSymbols() RESOLVEFUNC(OpenSSL_version_num) RESOLVEFUNC(OpenSSL_version) - if (!_q_OpenSSL_version) { + if (!_q_OpenSSL_version || !_q_OpenSSL_version_num) { // Apparently, we were built with OpenSSL 1.1 enabled but are now using // a wrong library. qCWarning(lcTlsBackend, "Incompatible version of OpenSSL"); return false; } +#if OPENSSL_VERSION_NUMBER >= 0x30000000 + if (q_OpenSSL_version_num() < 0x30000000) { + qCWarning(lcTlsBackend, "Incompatible version of OpenSSL (built with OpenSSL >= 3.x, runtime version is < 3.x)"); + return false; + } +#else + if (q_OpenSSL_version_num() >= 0x30000000) { + qCWarning(lcTlsBackend, "Incompatible version of OpenSSL (built with OpenSSL 1.x, runtime version is >= 3.x)"); + return false; + } +#endif // OPENSSL_VERSION_NUMBER + RESOLVEFUNC(SSL_SESSION_get_ticket_lifetime_hint) #if QT_CONFIG(dtls) |